Arbitrary User Creation Vulnerability in The Address Book 1.04e

Arbitrary User Creation Vulnerability in The Address Book 1.04e

CVE-2006-4580 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

register.php in The Address Book 1.04e allows remote attackers to bypass the "Allow User Self-Registration" setting and create arbitrary users by setting the mode parameter to "confirm".

Learn more about our User Device Pen Test.